Slashdot Mirror
What is Carnivore, and How Does it Work?
MainFrame writes "A friend of a friend of mine, Tom Perrine, was "invited" to testify at the Congressional subcommittee meeting concerning Carnivore. "I had seen Carnivore on a recent trip to Quantico and had the opportunity to discuss the program with some of the developers. This was all before the Earthlink flap. I hope that my (written) testimony was balanced and fair. Those of you who know me, know that I try to balance my firm belief in personal privacy and Constitutional rights with my belief that there *are* times when law enforcement has legitimate needs and a duty to access electronic communications, when properly authorized by a court. " There's a lot of confusion about what carnivore is and what it does, so its nice to see something like this which appears to be much more informed.
When it is MUCH simpler to encrpyt your eMail than it is to secure your phone communications - why not just HIDE anything you don't want the FBI to see?
M$: "We're #2!"
Funny, all they found was a copy of Windows 95 with a copy of Back Orifice running....
Kalrand
-the voice of reason
Kalrand
-the voice of reason
You gotta admint Carnivore is a pretty piss-poor choice...
M$: "We're #2!"
In college I spent 400$ on an old Mac and DLed a demo copy of etherpeek. I then wrote some filters and had a packet sniffer that could do the exact same things that it sounds like carnivore does. Maybe not with as pretty of an interface but it is still just a packet sniffer nothing more nothing less. For under a grand anyone can do this. I would bet our lovely tax dollars pay 50k or so for each one of these PCs. Gotta love government bloat. AS for privacy from it, like I said anyone including them with a network port and 1k can monitor packets. I prefer to encrypt anything special. Wonders if someone will sniff this since it is from work. Oh well
I am 31337 or something.
As this stated in this MSNBC article, Carnivore is just a good idea and system with a bad name.
br"The need for a system such as Carnivore may be regrettable, but it is a necessary evil. And, just like a police search of your home or a wiretap of your phone, the FBI can use its Carnivore system only with a judge's permission." I dunno, it's a trade-off: personal safety for personal liberties. Everything has it's price, including safety.
Help me through college please!
Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?
Government monitoring is nothing new. The FBI have long had many wiretapping systems set up to catch criminals. The USPS scans threatening mail trying to prevent people from mailing bombs and traps to their enemies. Cameras are installed along many city streets to watch crimes and catch traffic violations. I don't understand why these survelaince methods aren't coming under fire as well... why is the internet so incredibly different?
Besides, look at the results of these efforts. Many major crimelords and killers have been caught by slipping up in the presence of wiretapping. Mail monitoring has prevented possible serial terrorists from doing something like send mail bombs. And street cameras catch amazing ammounts of crime, from murders to robberies to prostitution to speeding. I expect Carnivore to be extremely helpful in capturing pedophiles, pirates, terrorists, and other criminals.
Yes, I may be concerned about my own e-mail being read. But I know that I am a law abiding citizen, my messages to people are trivial to the FBI, and that I feel like I need to hide nothing. And even if you *need* privacy, what about encryption? PGP is extremely hard to crack from my knowledge. Use that. I know the Slashdot mentality may contradict it, but it's unrealistic to expect the internet to remain unregulated forever. Regardless, some form of government restricition and monitoring will come eventually, and having read a little about Carnivore, I am satisfied with their efforts.
Emerson Willowick: Thinker, Writer, Human Being.
Open source? Great. How do I know that's the source code the FBI actually used in the live unit? Not possible.
Technical docs? Spiffy. Same question.
Only with a warrant? Yeah, like I trust them to stick to that limitation. (Not to mention the fact that warrants can be issued very quietly, at three in the morning, by a "rubber-stamp" judge, and with ridiculously broad criteria.)
And don't even get me started on the potential of the unit being cracked. Win2K? What were they smoking?
That's a great idea. (No sarcasm, BTW.) I agree w/him that there are times, limited in number, when a wiretap is justified. And I think the suggestion of handing the software to the ISP, getting them to compile it and install it, would lower the paranoia factor (not that it isn't justified) a great deal. But then, maybe I'm one of THEM.
Carousel is a lie!
I'll repost this from the previous Carnivore article. This post was way at the bottom, and thus was completely ignored by the moderators. I am its original author. It deals with the fact that even though your message text is encrypted, the FBI can still read the headers, and find out who is contacting who. This issue was brought up by another anonymous coward, to which I replied:
--
You've hit the problem right on the nail, my friend. Visit www.crimelink.com for an example of this program you are talking about. Organizational matrices and all that stuff are very key to finding out who is doing what, and what the odds are that what they are doing is illegal.
For example. You email Joe Blow regarding a post you saw on a forum about gardening. Little did you know that Joe Blow had earlier emailed someone else, whose email he got off a forsale newsgroup advertising hydroponics. Turns out the guy selling the hydroponics was suspected of selling drugs, because his hydro bill was high enough to set off a flag. Now Joe Blow is just a gardener, but he was dealing with a drug dealer, and now YOU are dealing with someone who has delt with a drug dealer. You automatically have a "relationship" with a drug dealer based on an indirect contact. Carnivor can easily be used to setup such relationships, and programs like Crimelink can easily be used to give graphs and charts outlining any possible relationships.This means police and related agencies can establish a Whose-who in their ISPs neighbourhood.
Now, I don't believe this sort of thing to be happening to the extent that others might believe (IE Echelon voice regognition crazyness and etc) however the potential is very real, and limited capabilities DO EXIST right now. With the onset of such systems as Carnivore, these capabilities grow exponentially towards the situations similiar to that I've outlined above. What I fear the most though is that by next week, Slashdot et al will have forgotten this and moved on to the newest "tiny computer" or Linux IPO news.
Signed,
Your Anonymous (?) Coward.
While I agree that the government needs to be able to monitor suspected criminals(with a warrant of course), I'm not sure that arbitrary filtering criteria is the way to go. What would they use? Keyword searches? TCP/IP headers? What's to prevent the FBI from picking up whole usenet threads or the actions of people reading Slashdot? If I post a response to Joe Child Molester on Slashdot will I come under FBI scrutiny just for mentioning his name? What about the people who quote my(and his) message? Admittedly, these are public forums, but it seems like a huge waste of time to have to scan through all of the fluff that will inevitably be produced. And heaven forbid there should be another person on the ISP with the same name.
Why not just snoop at the (modem/DSLAM/etc) server? If packet sniffing were more like a literal wiretap, I would be a lot more comfortable and I'm sure the FBI would be able to get a lot more work done. It shouldn't be that hard to get only one user's packets.
Visit the
Thank you for your erudite commentary. As it happened, I was only planning on trolling this away for the rest of the day or so -- as you can see from my posting history, I'm much more of a karma whore than a troll. (Though many would say that they're one in the same -- and I'm not inclined to disagree.)
The only reason that I have continued to post the link to Leisure Town is because I have received nothing but thanks for it. People genuinely seem to enjoy it as much as I do, and no, I had nothing to do with its creation.
Thank you again for your perspective.
yours,
john
I quote:
"And the truly amazing part of this story is that there is nothing illegal about the data gathering, itself. Since the kiosk doesn't belong to you or me, we are bound by terms of usage that allow the kiosk provider to do pretty much whatever they want with the bits we run through their system. By simply using their machine, we give up our privacy without even knowing it."
It sounds like we need some privacy laws to fill the lupole that Carnivore seeks to exploit. I, for one, favor the british aproach to seeking the informed consent of the people providing the data before collecting it.
Oh? How many dinosaurs were there? Because I haven't heard much good science about dinosaurs since I was in the third grade.
Mr. science, wouldn't the population of carnivorous dinosaurs have increased as the population of herbivors increased? It's seen all the time today. Are you suggesting that the predator-prey cycles hadn't been invented yet? Or that the carnivorous dinosaurs didn't eat their hebivorous relatives?
Or, are you just confusing the number of species with the actual population?
You can eat what you like, as long as you stay in denial of how that meat came to be on your plate. I find my friends can barely drive past a poultry farm for the stench, much less imagine waling into one and observing the harvesting of the meat crop.
I don't need large brains to have a good time.
I like privacy as much as the next guy, so here's my two cents. I know that sometimes the govt. has to spy on people, but WHY DO IT AT THE ISP LEVEL WHERE YOU CAN SPY ON EVERYONE? I don't need my mail being 'accidentally' sniffed. If they want to watch criminals, put wiretaps AT the criminal's connection at his house NOT ON EVERYONE ELSE'S CONNECTION. 2 words: duh.
------------
a funny comment: 1 karma
an insightful comment: 1 karma
a good old-fashioned flame: priceless
this sig limit is too small to put anything good h
However, notice that a Carnivore can be altered through its modem. A good guy, a bad good guy, or an intruder can alter the configuration remotely. I hope the security on that modem is as good as it should be.
Carnivore? No wonder people are worried. If they had called it "Lady peace" or "guardian angel" people wouldn't be so scared! :)
Yeah, so what are you worrying about? If the smell is to strong for the sniffer, it will just fold under stress like any Windoze system.... :-)
Employee of Inrupt, Project Release Manager and Community Manager for Solid
Chairman:
Yes, Mr. Perrine we appreciate your views on this subject. However, you have not answered my original question.
Do you know the location of agent Mulder?!
---
SCO is weenies
Gator is Spyware
Microsoft is thugs
I think you mean steganography. Stenography is what a court reporter does (they are stenographers.)
I never been so broke that I couldn't leave town.
I think sendmail should be updated to by default use encryption/SSL to connect to other servers. Sure, most other servers will refuse the SSL connection, and then sendmail could fall back to unencrypted transport. But, if it used encryption by default, as such a popular mail package, certainly more and more e-mails would begin to be transmitted with encryption. Other mail server vendors would likely follow the lead after it became commonplace.
---
I am the dot in slashdot.org
Or hide everything, including the innoculous. Right now encrypting some things and not others might be a red flag. But what do you do when you're tasked with monitoring national security and everyone is guilty.
Wait, that's already happened. Damn!
.02
My
Quux26
My
Quux26
www.crashspace.net
I wonder if I were to setup two accounts with two different ISPs, and then send e-mail from one to another stating things like "DESTROY FBI" and criminal words I know they'll be monitoring for, I wonder if it'll prompt an investigation. Considering I'm sending an e-mail to myself, it should proove quite odd for them. On the other hand, if they got tones of people doing this, would Carnivore's usefullness proove quite useless? :)
Additionally, with the source available it could be:
- ported to a more secure operating system.
- examined for flaws.
- easily patched if any security bugs are detected.
- fixed if it has a bug that interferes with an ISP's systems.
And with the configuration done by the ISP the ISP can look out for its subscribers' interests by refusing to tap anyone without the presentation of the appropriate court order. The FBI has a poor track record in that regard.
ISP configuration of software on an ISP-constructed platform (in an ISP-supplied locked cage locked cage) using ISP-tweaked software has no more problems for evidence custody tracking than the ISP-provided signals to an FBI-operated box. (Especially one that is remotely accessable and reconfigurable.) The ISP might have to provide an expert witness to describe their tweaks. But the evidentiary issues are mainly that the evidence isn't forged or altered, not that the sampling filter is incorrect.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"The FBI will always have to live with the legacy of the Hoover era, just as the Congress will have to constantly compare itself with the McCarthy hearings, and the Executive Branch must always remember Watergate. These and other incidents from our country's history have contributed to an unfortunate general distrust of our public institutions when they concern themselves with the rights of our citizens."
All it takes is one power hungry nutball to go after anyone they consider "devient" and you're being tracked by your "warm and friendly" FBI for being a member of the NRA, watching Rosie, or enjoying a cuban cigar.
History is prolog.
In India, where I live - a relatively free, democratic country all ISPs are expected to provide (at their expense) monitoring equipment for the government. The same goes for Cellular Telephone providers. There has not been a single peep of protest here.
In most countries, including the UK and the rest of the EU, there is not as much concern for individual freedom as there is in the US.In Singapore, for example, when Internet access was first provided, it was through proxy servers so that the government could censor the 'net. This is still true of countries like Saudi Arabia.
I am quite sure that the FBI will never be allowed to attempt the kind of monitoring that is probably going on right now around the world.
If you live in the United States -- count your blessings!
"Rowe's Rule: The odds are five to six that the light at the end of the tunnel is the headlight of an oncoming train."
Carnivore sucks like a Hoover.
Government monitoring is nothing new. Hitler's Gestapo did it, Pol Pot's gangs did it, and Mao's whatever, and Stalin's GRU, and Nixon's burglers, and Clinton's FBI, and each of these organizations believed that they were doing the right thing. Sometimes, all of them were doing things we'd approve of. Usually they were not.
Your messages may well seem trivial to the FBI. Every government uses trivial people to make examples of, to keep the rest in line. You're as good as any to persecute for some trivial act which our government has chosen to demonize. Do you smoke pot? Do you tell people we should leave pot smokers alone, even though they smell bad? Have you ever carried cash across town pay for a used cars? Harmless people who represented no threat to society have been persecuted for these activities, recently, in the US.
Law enforcement organizations indoctrinate their (usually stupid) employees with the mindset that there are three sorts of people: cops, suspects and convicts. If they haven't found a way to frame you yet, they should try harder. The US Fish and Wildlife cops are usually NOT considered to be corrupt or politicised. A friend of mine was cook on one of their enforcement boats in the gulf of Alaska. He was shocked to find that the two topics of conversation (other than cheating on their wives) were "how we framed so-and-so" and "how we'll plant evidence on this next guy we want to get". He quit after one trip; the cops were too disgusting to live around, morally at least.
One last point: did mail monitoring really stop the unibomber? I thought it was the fact that some newspaper published one of his diatribes, which was recognized by a brother.
In conclusion, I believe that law enforcement is vitally important. Allowing them to work in secret only helps them to become worse than the people they are supposed to protect us from: worse in the same way that the mafia is worse than a bunch of disorganized crooks. Corrupt government is the worst possible threat to law abiding citizens, and secrecy breeds corruption, just as does power.
Nels
See what I've been reading.
No, it's a great name doing exactly what it should be doing. Carnivore, when operating correctly, records only emails relevant to a court ordered case. It was used (not counting cases involving large ISPs which provide the logging themselves, *cough*AOL*Cough*) in somewhere between 25 and 100 cases in just 1999.
/sure/ has gotten totally replaced!) sucked in 6 gigs of data an hour. For comparison, James Joyce's Ulysses is 1.6megs. so, 3840 copies of Ulysses an hour.
= 1 ; Calculation (6gig*(1024meg/gig)) * (1 book/1.6meg)) )
Omnivore, an 'earlier version' (which I'm
( http://www.msnbc.com/news/431355.asp?0nm=B16M&cp1
Hear anything about Omnivore recently?
Right. So, the Carnivore name is perfect.
The real question is when are they gonna product an OpenBSD/Trusted Extensions or a Linux version? I mean, it's running on Windows. I don't want to trust the FBI with the power to monitor all my email, much less every skript kiddie in the world.
Returned Peace Corps IT Volunteer
Yes, it tweaked everyone, just like Dan Farmer naming his security tool SATAN got lots of publicity; naming either product "NetTool3" wouldn't have created any publicity, though its existence would still cause some publicity. But this let them be in your face about what they're doing, and about the fact that almost all ISPs they've asked have let them use it, except one that had technical difficulties, and that it's part of "da legitimate needs o' law enforcement". Janet Reno got to say "those crazy guys should have picked a better name" but still be in favor of rampant wiretapping.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Lets say that the FBI only uses Carnivore in a reasonable, legal way. But who else could use it?
I don't like this part:
"...did have the capability to be monitored itself from a remote site via telephone...would also allow a remote user to change the filtering criteria...capable of transmitting some gathered data via the telephone connection."
How difficult would it be to find the dial-up number as the ISP? And then to crack the login?
The fact that it runs on a Windows box isn't reassuring either.
1. Omnivore was EtherPeek from Ag Group
2. Carnivore is SilentRunner from Raytheon
</speculation>
Do we really think that the FBI Lab is capable of developing something like this on their own? (after they hid the fact that total credit for id'ing MafiaBoy should go to outside consultants)?
Silentrunner has a matching feature-set.
And Tom Perrine says source code will be a snapshot in time.. ahem, how about reconstructing ALL the capabilities from the code; then we know what is the worst it can do. Is the man an idiot or just trying to get a promotion?
And you're a fucking coward.
"Record'em all, that part just takes money. Now wait for criminals, then check what you had on them, find patterns, refine the search algorithm."
Okay, Mr. Brilliant: let's see you show me even a simple 2-level Van Wijigarden(sp) or phase-structure grammar that could do even 1/1000th of what you just said. You do that, and I'll reply and admit in bold italics that I'm a fucking idiot. Otherwise, you admit that you're the moron.
(We'll leave out that phase-structure grammars have no known method of being parsed, and just go with the fact that it's the most powerful grammar, equal to a Van Wijjigarden grammar.)
You're also the kind of person who also goes around saying things like "The NSA and the CIA and the FBI together have many billions of dollars. You think they can't crack triple-DES? You've gotta be kidding!!! I mean, I have no idea what the fuck I'm talking about, but I'm sure that the government is smart enough that they do!!! Really! Because they have a few billion dollars, a lotta Crays, and some MIT grads, they can solve problems that the entire civilian population can't! Really!!!"
The rest of your argument is, uh, too stupid for me to waste my time with. The above does fine.
Have a nice day!
Hmm, lets see here, 6 degrees around the world, how many drug dealers and other undesirables do you suppose we are all linked to in just a couple steps?
(sic) protect us from a govt technology that can "scale up to oppression"
In the context of what the good Dr. was talking about. The real problem with Carnivore is that it is trivial to scale this thing up to spy on anybody for any reason. With traditional wire-taping, its relatively difficult for the FBI to do (they need to send out a tech, attach wires, etc.) But for Carnivore, they can change the search parameters remotely.
The point is, that it should be made expensive for the FBI to run a query on someone via Carnivore. This would help ensure that they weren't using it wholesale against anyone and everyone that they had 'reasonable suspicion' about.
I spoke with Mudge at BlackHat/DEFCON this last week, and the subject of Carnivore came up (I actually watched Messrs Perrine, Blaze, et al on CSPAN2 - do I get some kind of uber-geek award?) Anyway, Mudge's response, and I quote, was "I've got a copy of Carnivore, and it's pretty lightweight." I'm reassured by Mudge's comment and by the fact that the Representatives' questions, especially Messrs Watt and Nadler, were germane to the testimony. I'd say freedom's safe for the time being, but let's not get complacent, either!
Tip: the Digital Telephony Act has been around for years mandating built-in wiretaps in phone switches, but Speak Freely is free, includes source, and provides your choice of strong encryption methods.
-- Could you use my software consulting serv
I figure that, if I did make it into the Carnivore logs, then they'd get pretty bored monitoring my traffic. Unless they have something against searches and links to paganism, ghosts, and slashdot. ;)
I do notice that the worry seems not to be on Carnivore itself but concern over appropriate usage. If that's the case, here's a proposal:
Require Carnivore to be installed on all ISPs, as well as on the FBI's external sites (the ones they'd use for Carnivore, not the FBI itself ;)). When they do decide to log something, then it'd require configuration on the FBI side and the ISP side. If anything suspicious is found, run a diff to verify that it appears on both sides. Therefore, "accidentally" misinterpreting an IP would be less likely. I mean, what if xxx.xxx.xxx.88 is the guilty party but someone decides it's actually .86?
Seeing as this thread is already getting old, I doubt this will get read, but at least it makes me feel better. ;)
Interesting observations and good points.
Somebody mod this up!
=================== Pretty? Feh. Shiny? Feh. A Jedi craves not these things.
Governments around the world have always found new ways to keep tabs on the public, and our electronic age has made their job much easier. Carnivore is bound to be misused to gather information, to think any differently would be we to admit we live in fairyland. The potential for misuse is astronomical. Do the FBI really think that they will find many genuine emails detailing plans to blow up the Pentagon, rob banks, commit murder etc? It would be interesting to see what happened if every member at slashdot started a chain letter containing a number of keywords to set Carnivore sniffing away. Most Laws and restrictions usually only hurt the honest man - criminals will always find ways around them (usually harming the innocent to arrive at their goal). Isn't it about time that the email protocol was revamped and the security holes sewn up? A protocol that is decades old is surely not suitable for the way we do business today.
Encrypting the sendmail connection only protects one link in the chain.
What if your external SMTP server gets it encrypted, but has to shuttle it over to the abominable Exchange server in plain text? That can get sniffed. If you use IMAP or POP without SSL/TLS, they can sniff that instead. It will be in plain text as it is downloaded to your mail client. Some software (notably Eudora) have no SSL support, which makes these folks particularly vulnerable.
If e-mail travels over the wire encrypted, but is stored in plain text in your mailbox, it's not safe. They can get a subpeona for your mailbox just as easily as they can get the wiretap order. Wrapping all the e-mail related connections is the only way to completely prevent Carnivore-style sniffing. Even if you do that they could get the the ISP to hand over the contents of your mailbox, and you'd never know.
Antivore uses SSL/TLS on all connections that send your e-mail unencrypted. It also keeps your encrypted email encrypted in your mailbox. Even if they subpoena your mailbox, they can't decrypt it without your passphrase for your private key. It also tries to (but, of course, cannot actually) prevent you from storing all your email unencrypted anywhere. There's even a (coming soon) interface through the Web Horde's IMP web mail interface.
Antivore is not the 100% perfect solution, but it gets encryption into the hands of the average person easily and painlessly. We use it here, and have no fears about our ISP, even if the did install Carnivore
.Paco is an employee of Tovaris, Inc. who speaks his own mind and not theirs.
Err, I can't see how a Windows PC with a 100Mb Ethernet card is going to keep up with a OC12 or OC48 backbone data stream as is prevelant in large ISP backbones.
This post does not exist
Which is what anonymizer services are great at hiding. Yes, just using PGP won't render Carnivore useless, but there are ways around it.
---
Zardoz has spoken!
Oper on the Nightstar
I do count my blessings.
Every time something like this pops up and the government or big business or whoever decides that they have the right to trample my rights, I'm thankful that I still have the right to stand up on my soapbox and shout for all the world to hear, "DON'T YOU DARE TREAD ON ME!" That's one of the ten basic freedoms this country (yeah, I'm in the US) was founded on, and I'm thankful that I can use it now that yet another one of those freedoms is again in jeopardy.
For what it's worth, I'm in favor of those same basic freedoms in other countries, too. It's a small rock we're all stuck on, after all.
Well... i can see someone forgot to take his/her anti-anal retentive pill today.
-
Well.. just to fill up the government is a lot more powerful then you think...
When you're sitting at home on your 'puter wondering what type of trouble you can get into.
There watching thousands of people simultaneosly. THEY are already listening to you.
So... next time you go off and blow up.. think a little next time.
And hey... have a little respect for the other slashdoter's.
Thanks
-------------------------------------------------
Just Anonther Person Who Know's Whats Going on in This Side of the World.. But Doesn't Give A Shit.
Hey, I will wait to see what the university review of the system says. I'm not going to let some CS BS artist that wants to apologize for the FBI's snooper machine sway me one bit. What if the FBI had a machine that could swift through all the snail mail to check for contents that could be illegal. Therefore every person in the United States would have their mail scanned for illegal content just to find a few criminals they have warrants on. The Los Angeles County police agencies had a similar type of operation that targeted drug dealers using pay phones. The problem is that thousands of innocent people had their private conversations taped by the police. This email snoop has the potential to be abused and that is the fundamental problem with it's use. The real solution is for the FBI to obtain a warrant and then have the ISP forward a copy of every email sent to the user. To give the FBI the ability to scan every email header is a infringement of the Fourth amendment against unreasonable search and seizure and the right to be secure in our homes and papers.